A Single Class PHP Password Hashing and Encryption package - Oire Colloportus package blog

Recommend this page to a friend!

All package blogs

Oire Colloportus

Oire Colloportus package blog

A Single Class PHP Pa...

Top featured articles

307. Is Your OAuth 2.0 Application Secure?

307. This article

307. How You can use a PHP Slug Creator to Generate Readable Web Page URLs in English and Other Languages

307. Making money with advertising in embedded Google Maps

307. How to Create a PHP Game Level Map Creator that Generates TMX Files to Use in Your Games Developed with CraftyJS

Author: Andre Polykanine A.K.A. Menelion Elens�l�

Updated on: 2021-03-30

Posted on: 2021-03-30

Viewers: 291 (March 2021 until December 2021)

Last month viewers: 2 (December 2021)

Package: Oire Colloportus

Password hashing is an useful approach to make more secure systems that need to verify the password that users enter in a way that may be very hard to discover the original password of users, in case there is a breach of user accounts.

Read this article to learn how the Colloportus implements its PHP password hashing solution to simplify the implementation of solutions for storing passwords.

Picture of Andre Polykanine A.K.A. Menelion Elens�l�

By Andre Polykanine A.K.A. Menelion Elens�l� Ukraine

oire.me

<email contact>

In this article you will learn:

Introduction

What Is Colloportus

The Single-File Concept

What Can Colloportus Do

Download or Install Colloportus using PHP Composer

Introduction

My name is Andre, and I would like to present you my Colloportus package. In this post I explain what is Colloportus, why I wrote it and when it can be useful.

What Is Colloportus

Colloportus is a single-file library for password hashing and verification, as well data encryption and decryption. It is actually a simplified fork of ParagonIE's PasswordLock, where I tried to minimize the amount of code without breaking security.

The Single-File Concept

Nowadays, most developers do not care about disk space or amount of files their code takes: a JavaScript framework can take several megabytes, and it is considered normal.

When installing something via Composer, a PHP library usually takes tens of files. However, I believe most libraries with a narrow feature set can be written so they contain one file per library, probably, with one or several single-file dependencies. I call this the single-file concept.

What Can Colloportus Do

Colloportus, being primarily designed for password hashing and verification, it assists in secure hashing, storing and verifying passwords provided by users. There are no backdoors, and a hashed password cannot be transformed to plain text.

However, Colloportus provides also symmetric encryption and decryption features since these are used in password hashing. A password is actually first hashed. Then an authenticated encryption is applied.

Feel free to apply Colloportus as a hashing library for your password handling, as well as an encryption library if for some reason you need some data to be decryptable. Do not use this for storing passwords. Passwordsy must be irreversibly hashed to be secured.

Colloportus usually returns storable and readable data ready to be inserted into databases or configuration files.

Download or Install Colloportus using PHP Composer

I hope you get a glimpse of information about Colloportus and its use. For more detailed explanation on how to use the library, please see its Readme document.

You can download the package archive by going to the download page. Alternatively you can install it using PHP Composer using the instructions that you can find in the package installation page.